CalvinBackup/www-project-ai-testing-guide
1
0
Fork 0
mirror of https://github.com/OWASP/www-project-ai-testing-guide.git synced 2026-06-08 15:23:53 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update 1.1_Preface_and_Contributors.md

Browse Source
This commit is contained in:
Matteo Meucci
2025-11-20 10:26:44 +01:00
committed by GitHub
parent 46d2b9b6d1
commit e1cdb1d606
1 changed files with 2 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Document/content/1.1_Preface_and_Contributors.md
+2 -4
View File
@@ -8,11 +8,9 @@ OWASP AI Testing Guide
Artificial Intelligence is transforming how software is designed, deployed, and defended yet our ability to **test, verify, and assure AI systems** has not evolved at the same pace. Traditional application security testing is no longer sufficient for systems driven by models that learn, adapt, and behave unpredictably.
In 2023, OWASP released the *Top 10 for Large Language Model Applications*, the first global effort to map common AI risks. The **OWASP AI Testing Guide (AITG)** takes the next step: providing a **structured, repeatable, and community-driven methodology** for evaluating the **security, safety, and trustworthiness** of AI systems across their entire lifecycle, from data collection and model training to deployment, monitoring, and runtime behavior.
In 2023, OWASP released the *Top 10 for Large Language Model Applications*, the first global effort to map common AI risks. The **OWASP AI Testing Guide (AITG)** takes the next step: providing a **structured, repeatable, and community-driven methodology** for evaluating the **trustworthiness** of AI systems across their entire lifecycle, from data collection and model training to deployment, monitoring, and runtime behavior.
While its foundations draw on the OWASP Web Security Testing Guide (WSTG) and the NIST AI Risk Management Framework, the AITG extends beyond web or application testing. It introduces an integrated approach combining **AI red-teaming, adversarial testing, risk-based validation, and continuous assurance**, aligned with global standards such as ISO/IEC 42001, ISO/IEC 5338, NIST AI 100-2, and the EU AI Act.
This guide is written for **security testers, ML engineers, red teamers, risk managers, and auditors** who must translate high-level AI governance principles into **practical, testable controls**. Each test case links objectives, payloads, and observable responses to remediation guidance, enabling consistent assessment and evidence-based reporting.
This guide is written for **AI testers, ML engineers, risk managers, and auditors** who must translate high-level AI governance principles into **practical, testable controls**. Each test case links objectives, payloads, and observable responses to remediation guidance, enabling consistent assessment and evidence-based reporting.
**Version 1.0** introduces four testing categories that together form the OWASP AI Testing Framework: